Since started to work with AWS I sometimes hit the same problems more than one time 😉 One of those happen was when working with AWS Cognito – just needed to authenticate and get token – or just verify the user 😉 using command line. I honestly did not want to be bothered with any complexity to get simple tokens which I planned to use in accessing other systems etc.
For this purposes I have created simple CLI ( right now with just 2 methods ) to help me out in those situations. Usage is extremely simple you just need to have your AWS profile configured and have details of your AppClient from your user pool.
Authenticate
|
1 2 3 4 5 6 7 8 9 10 11 |
> [SHELL] RafPe $ go-cognito-authy --profile cloudy --region eu-central-1 auth --username rafpe --password 'Password.0ne!' --clientID 2jxxxiuui123 { AuthenticationResult: { AccessToken: "eyJraWQiOiJ0QXVBNmxtNngrYkxoSmZ", ExpiresIn: 3600, IdToken: "eyJraWQiOiJ0bHF2UElTV0pn", RefreshToken: "eyJjdHkiOiJKV1QiLCJlbmMiOiJBMjU2R-TpkR_uompG7fyajYeFvn-rJVC_tDO4pB3", TokenType: "Bearer" }, ChallengeParameters: {} } |
which in return should give you response with tokens needed further in your adventures with AWS…. but if you would have user in state that a password needs to be changed 😉 ….
|
1 2 3 4 5 6 7 8 9 10 |
> [INSERT] RafPe $ go-cognito-authy --profile cloudy --region eu-central-1 auth --username rafpe --password 'Password.0ne!' --clientID 2jxxxiuui123 { ChallengeName: "NEW_PASSWORD_REQUIRED", ChallengeParameters: { requiredAttributes: "[]", USER_ID_FOR_SRP: "rafpe" }, Session: "bCqSkLeoJR_ys...." } |
Administratively set new pass
With the session above and known challenge for new pass you can use it to set desired password
|
1 |
> [INSERT] RafPe $ go-cognito-authy --profile cloudy -region eu-central-1 admin reset-pass --username rafpe --pass-new 'Password.0ne2!' --clientID 2jxxxiuui123 --userPoolID eu-central-1_CWNnTiR0j --session "bCqSkLeoJR_ys...." |
and voilla 😉 we can now continue playing with tokens
Patches welcome
The whole solution is available on Github https://github.com/RafPe/go-cognito-authy/tree/master and if you are missing something please create a PR 😉
Comments by rafpe
.Net core JWT authentication using AWS Cognito User Pool
"Havent been investigating that option. Surely you can..."
Gitlab – custom pre-receive hook
"Most likely create exception condition ? I would be..."
.Net core JWT authentication using AWS Cognito User Pool
"Can you post your code which if you are using modified one ?"
.Net core JWT authentication using AWS Cognito User Pool
"Thanks Vladimir! That is really good point! I have not..."
.Net core JWT authentication using AWS Cognito User Pool
"If you authenticate to cognito you will get response with..."